apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: setup-bmc
  namespace: baremetal-cr
spec:
  params:
    - description: The username for the BMC
      name: bmc-user
      type: string
    - description: The password for the BMC
      name: bmc-pass
      type: string
    - description: OpenShift cluster name for virtual media
      name: ocp-cluster-name
      type: string
    - description: infra env
      name: infra-env
      type: string
    - default: acm-config
      description: namespace of rackvars
      name: rack-ns
      type: string
  steps:
    - env:
        - name: infra-env
          value: $(params.infra-env)
        - name: rack-ns
          value: $(params.rack-ns)
      image: docker-enterprise-dev.artifactrepository.citigroup.net/cate-citisystems-openshift/openshift4:4.12.33-x86_64-cli
      name: setup-bmc
      resources: {}
      script: >
        #!/usr/bin/env python3

        import os
        import requests
        import json
        import time

        # Disable warnings for SSL Certificate
        requests.packages.urllib3.disable_warnings()

        infra_env = os.environ['infra-env']
        rack_ns = os.environ['rack-ns']
        machines = json.loads(os.popen('oc get rack %s -n %s -o jsonpath={.spec.machines}' % (infra_env, rack_ns)).read())

        bmc_user = "$(params.bmc-user)"
        bmc_pass = "$(params.bmc-pass)"
        ocp_cluster_name = "$(params.ocp-cluster-name)"

        ok_status = [200, 201, 202, 203, 204]
        
        # Virtual Media Operations
        for machine in machines:
            name = machine['name']
            bmc_ip = machine['bmc_ip']
            fqdn = f"{name}.{infra_env}.{rack_ns}"

            print(f"INFO: Processing BMC IP/Hostname: {bmc_ip} for node {name}")

            session_url = f"https://{bmc_ip}/redfish/v1/SessionService/Sessions/"
            system_url = f"https://{bmc_ip}/redfish/v1/Systems"

            # Create a session to get the X-Auth-Token
            response = requests.post(session_url, verify=False, headers={"Content-Type": "application/json"}, json={"UserName": bmc_user, "Password": bmc_pass})
            if response.status_code in ok_status:
                print(f"Session created to get X-Auth-Token to perform Virtual Media Operations on node {name}.")
            else:
                print(f'Failed to create a session to get X-Auth-Token for node {name}. Status code: {response.status_code}')
                sys.exit(1)

            token = response.headers.get("X-Auth-Token")
            auth_header = {"X-Auth-Token": token}

            # Get system information to find system endpoint
            response_systems = requests.get(system_url, headers=auth_header, verify=False)
            systems_endpoint = response_systems.json()['Members'][0]['@odata.id']

            # Power Off Host before ejecting virtual media
            power_off_url = f"https://{bmc_ip}{systems_endpoint}/Actions/ComputerSystem.Reset"
            power_off_body = {"ResetType": "GracefulShutdown"}
            response = requests.post(power_off_url, headers=auth_header, json=power_off_body, verify=False)
            if response.status_code in ok_status:
                print(f'Host {name} powered off successfully. Waiting for shutdown.')
                time.sleep(10)  
            else:
                print(f"Failed to power off host {name}. Status code: {response.status_code}. Attempting to proceed with caution.")
                sys.exit(1)

            managers_url = f"https://{bmc_ip}/redfish/v1/Managers"
            response_managers = requests.get(managers_url, headers=auth_header, verify=False)
            managers_endpoint = response_managers.json()['Members'][0]['@odata.id']

            virtual_media_url = f"https://{bmc_ip}{managers_endpoint}/VirtualMedia"
            response_virtual_media = requests.get(virtual_media_url, headers=auth_header, verify=False)
            cd_endpoint = response_virtual_media.json()['Members'][1]['@odata.id']

            # Eject virtual media
            eject_media_url = f"https://{bmc_ip}{cd_endpoint}/Actions/VirtualMedia.EjectMedia"
            response = requests.post(eject_media_url, headers=auth_header, json={}, verify=False)
            if response.status_code in ok_status:
                print(f'Virtual media ejected successfully for host {name}.')
            else:
                print(f"Failed to eject virtual media for host {name}. Status code: {response.status_code}")

            # Insert virtual media
            insert_media_url = f"https://{bmc_ip}{cd_endpoint}/Actions/VirtualMedia.InsertMedia"
            virtual_media_body = {
                "Image": f"https://path-to-your-rhcos-live-image/{ocp_cluster_name}-rhcos-live.x86_64.iso",
                "Inserted": True,
                "WriteProtected": True
            }
            response = requests.post(insert_media_url, headers=auth_header, json=virtual_media_body, verify=False)
            if response.status_code in ok_status:
                print(f'Virtual media inserted successfully for host {name}.')
            else:
                print(f"Failed to insert virtual media for host {name}. Status code: {response.status_code}")
                sys.exit(1)

            # Power On Host
            power_on_url = f"https://{bmc_ip}{systems_endpoint}/Actions/ComputerSystem.Reset"
            power_on_body = {"ResetType": "On"}
            response = requests.post(power_on_url, headers=auth_header, json=power_on_body, verify=False)
            if response.status_code in ok_status:
                print(f'Host {name} powered on successfully.')
            else:
                print(f"Failed to power on host {name}. Status code: {response.status_code}")
                sys.exit(1)

            # Close Session
            session_id = response.headers.get("Location")
            if session_id:
                session_id_url = f'https://{bmc_ip}{session_id}'
                response = requests.delete(session_id_url, headers=auth_header, verify=False)
                if response.status_code in ok_status:
                    print(f'Session closed successfully for host {name}.')
                else:
                    print(f'Failed to close session for host {name}. Status code: {response.status_code}')
  workspaces:
    - description: The git repo will be cloned onto the volume backing this Workspace.
      name: output
